From edcc5eee3ad9adfa73bba3582afda6c71380169a Mon Sep 17 00:00:00 2001
From: Jason Adams
Date: Tue, 22 Aug 2023 10:00:16 -0700
Subject: [PATCH] Security: remove uses of payment intent secret and existing meta (#6836)
---
 .../stripe/includes/give-stripe-helpers.php | 41 ++-----------
 .../class-give-stripe-sepa.php | 22 +++----
 .../Stripe/Actions/CreatePaymentIntent.php | 12 +---
 .../RemovePaymentIntentSecretMeta.php | 58 +++++++++++++++++++
 src/PaymentGateways/ServiceProvider.php | 5 +-
 5 files changed, 76 insertions(+), 62 deletions(-)
 create mode 100644 src/PaymentGateways/Gateways/Stripe/Migrations/RemovePaymentIntentSecretMeta.php
diff --git a/includes/gateways/stripe/includes/give-stripe-helpers.php b/includes/gateways/stripe/includes/give-stripe-helpers.php
index 3009b57ca7..b9c2022763 100644
--- a/includes/gateways/stripe/includes/give-stripe-helpers.php
+++ b/includes/gateways/stripe/includes/give-stripe-helpers.php
@@ -630,36 +630,6 @@ function give_stripe_get_application_fee_amount( $amount ) {
 return round( $amount * give_stripe_get_application_fee_percentage() / 100, 0 );
 }
-/**
- * This function is used to fetch the donation id by meta key.
- *
- * @param string $id Any String.
- * @param string $type intent_id/client_secret
- *
- * @since 2.5.0
- *
- * @return void
- */
-function give_stripe_get_donation_id_by( $id, $type ) {
-
- global $wpdb;
-
- $donation_id = 0;
-
- switch ( $type ) {
- case 'intent_id':
- $donation_id = $wpdb->get_var( $wpdb->prepare( "SELECT donation_id FROM {$wpdb->donationmeta} WHERE meta_key = '_give_stripe_payment_intent_id' AND meta_value = %s LIMIT 1", $id ) );
- break;
-
- case 'client_secret':
- $donation_id = $wpdb->get_var( $wpdb->prepare( "SELECT donation_id FROM {$wpdb->donationmeta} WHERE meta_key = '_give_stripe_payment_intent_client_secret' AND meta_value = %s LIMIT 1", $id ) );
- break;
- }
-
- return $donation_id;
-
-}
-
 /**
 * This function is used to set Stripe API Key.
 *
@@ -874,11 +844,12 @@ function give_stripe_is_source_type( $id, $type = 'src' ) {
 /**
 * This helper function is used to process Stripe payments.
 *
- * @param array $donation_data Donation form data.
- * @param object $stripe_gateway $this data.
- *
+ * @unreleased no longer store the payment intent secret
 * @since 2.5.0
 *
+ * @param array $donation_data Donation form data.
+ * @param object $stripe_gateway $this data.
+ *
 * @return void
 */
 function give_stripe_process_payment( $donation_data, $stripe_gateway ) {
@@ -978,10 +949,6 @@ function give_stripe_process_payment( $donation_data, $stripe_gateway ) {
 $intent = $stripe_gateway->payment_intent->create( $intent_args );
- // Save Payment Intent Client Secret to donation note and DB.
- give_insert_payment_note( $donation_id, 'Stripe Payment Intent Client Secret: ' . $intent->client_secret );
- give_update_meta( $donation_id, '_give_stripe_payment_intent_client_secret', $intent->client_secret );
-
 // Set Payment Intent ID as transaction ID for the donation.
 give_set_payment_transaction_id( $donation_id, $intent->id );
 give_insert_payment_note( $donation_id, 'Stripe Charge/Payment Intent ID: ' . $intent->id );
diff --git a/includes/gateways/stripe/includes/payment-methods/class-give-stripe-sepa.php b/includes/gateways/stripe/includes/payment-methods/class-give-stripe-sepa.php
index ebbf873a69..ff03baf986 100644
--- a/includes/gateways/stripe/includes/payment-methods/class-give-stripe-sepa.php
+++ b/includes/gateways/stripe/includes/payment-methods/class-give-stripe-sepa.php
@@ -155,14 +155,15 @@ class="give-stripe-sepa-iban-field give-stripe-cc-field"
 }
 /**
- * This function will be used for donation processing.
- *
- * @param array $donation_data List of donation data.
- *
- * @return void
- * @since 2.6.1
- * @access public
- */
+ * This function will be used for donation processing.
+ *
+ * @unreleased no longer store the intent secret in the database
+ * @since 2.6.1
+ *
+ * @param array $donation_data List of donation data.
+ *
+ * @return void
+ */
 public function process_payment( $donation_data ) {
 // Bailout, if the current gateway and the posted gateway mismatched.
@@ -287,11 +288,6 @@ public function process_payment( $donation_data ) {
 $intent = $this->payment_intent->create( $intent_args );
 if ( ! empty( $intent->status ) && 'processing' === $intent->status ) {
-
- // Save Payment Intent Client Secret to donation note and DB.
- give_insert_payment_note( $donation_id, 'Stripe Payment Intent Client Secret: ' . $intent->client_secret );
- give_update_meta( $donation_id, '_give_stripe_payment_intent_client_secret', $intent->client_secret );
-
 // Set Payment Intent ID as transaction ID for the donation.
 give_set_payment_transaction_id( $donation_id, $intent->id );
 give_insert_payment_note( $donation_id, 'Stripe Charge/Payment Intent ID: ' . $intent->id );
diff --git a/src/PaymentGateways/Gateways/Stripe/Actions/CreatePaymentIntent.php b/src/PaymentGateways/Gateways/Stripe/Actions/CreatePaymentIntent.php
index 145f8ffbe6..d2615fcdb6 100644
--- a/src/PaymentGateways/Gateways/Stripe/Actions/CreatePaymentIntent.php
+++ b/src/PaymentGateways/Gateways/Stripe/Actions/CreatePaymentIntent.php
@@ -27,6 +27,7 @@ public function __construct(array $paymentIntentArgs = [])
 }
 /**
+ * @unreleased no longer store the payment intent secret
 * @since 2.19.0
 *
 * @throws InvalidPropertyName
@@ -71,17 +72,6 @@ public function __invoke(
 'content' => sprintf(__('Stripe Charge/Payment Intent ID: %s', 'give'), $intent->id())
 ]);
- DonationNote::create([
- 'donationId' => $donation->id,
- 'content' => sprintf(__('Stripe Payment Intent Client Secret: %s', 'give'), $intent->clientSecret())
- ]);
-
- give_update_meta(
- $donation->id,
- '_give_stripe_payment_intent_client_secret',
- $intent->clientSecret()
- );
-
 if ('requires_action' === $intent->status()) {
 DonationNote::create([
 'donationId' => $donation->id,
diff --git a/src/PaymentGateways/Gateways/Stripe/Migrations/RemovePaymentIntentSecretMeta.php b/src/PaymentGateways/Gateways/Stripe/Migrations/RemovePaymentIntentSecretMeta.php
new file mode 100644
index 0000000000..554d154760
--- /dev/null
+++ b/src/PaymentGateways/Gateways/Stripe/Migrations/RemovePaymentIntentSecretMeta.php
@@ -0,0 +1,58 @@
+ '_give_stripe_payment_intent_client_secret'],
+ ['%s']
+ );
+
+ $commentsTable = DB::prefix('give_comments');
+ DB::query(
+ DB::prepare(
+ "DELETE FROM {$commentsTable} WHERE comment_type = 'donation' AND comment_content LIKE %s",
+ 'Stripe Payment Intent Client Secret:%'
+ )
+ );
+ }
+}
diff --git a/src/PaymentGateways/ServiceProvider.php b/src/PaymentGateways/ServiceProvider.php
index 60aa969714..a53b22ed1c 100644
--- a/src/PaymentGateways/ServiceProvider.php
+++ b/src/PaymentGateways/ServiceProvider.php
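Review bot: The note cleanup in the new RemovePaymentIntentSecretMeta migration matches only the English prefix `'Stripe Payment Intent Client Secret:%'`, but the CreatePaymentIntent lines this commit removes wrote that note through `__('Stripe Payment Intent Client Secret: %s', 'give')`. On a site running a translated locale those notes presumably carry a different prefix, so the secret would stay in the comments table after the migration runs. Consider also matching on the secret's own token, which does not depend on locale, for example `... AND (comment_content LIKE %s OR comment_content LIKE %s)` with the second argument `'%\_secret\_%'`, after confirming that no other donation note legitimately contains that token. The start of this new file is missing from the page, so the migration's id, timestamp and the opening of the first delete call could not be checked.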
@@ -14,6 +14,7 @@
 use Give\PaymentGateways\Gateways\Stripe\Controllers\UpdateStatementDescriptorAjaxRequestController;
 use Give\PaymentGateways\Gateways\Stripe\Migrations\AddMissingTransactionIdForUncompletedDonations;
 use Give\PaymentGateways\Gateways\Stripe\Migrations\AddStatementDescriptorToStripeAccounts;
+use Give\PaymentGateways\Gateways\Stripe\Migrations\RemovePaymentIntentSecretMeta;
 use Give\PaymentGateways\PayPalCommerce\Migrations\RegisterPayPalDonationsRefreshTokenCronJobByMode;
 use Give\PaymentGateways\PayPalCommerce\Migrations\RemoveLogWithCardInfo;
 use Give\ServiceProviders\ServiceProvider as ServiceProviderInterface;
@@ -68,6 +69,7 @@ public function boot()
 }
 /**
+ * @unreleased add RemovePaymentIntentSecretMeta migration
 * @since 2.19.6
 */
 private function registerMigrations()
@@ -76,7 +78,8 @@ private function registerMigrations()
 AddStatementDescriptorToStripeAccounts::class,
 AddMissingTransactionIdForUncompletedDonations::class,
 RemoveLogWithCardInfo::class,
- RegisterPayPalDonationsRefreshTokenCronJobByMode::class
+ RemovePaymentIntentSecretMeta::class,
+ RegisterPayPalDonationsRefreshTokenCronJobByMode::class,
 ]);
 }
 }